Serious Discussion New McAfee and what is wrong with it

Trident

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,351
McAfee offers more aggressive detection and protection on downloads through their download advisor. The blocking of malicious and phishing sites is solid too. McAfee now blocks fully qualified malicious domains and IP addresses system-wide.

All in all, it is ok for an average user.
 
  • Like
  • +Reputation
Reactions: Guilhermesene, roger_m, mlnevese and 5 others
O

Obsession

New Member
Oct 11, 2024
2
IMHO it's not bad that only on-execution scanning is done. What is malware supposed to do if it's lying around on the disk and never executed? I also always set Eset to on-execution. The speed is fantastic and so far I've never caught anything from it. What is the point of a scan that scans the same file again every time the machine accesses it? I know there are different opinions on this, but the danger is not as great as it is portrayed here, it only consists in the fact that you can copy the file. Files that you receive from strangers (or friends), for example on a USB stick, should be scanned beforehand anyway and not blindly executed. That is where the danger is greater, but in this case the problem is IN FRONT of the screen.

just my 2 cents.
 
Game Of Thrones

Game Of Thrones

Level 6
Thread author
Verified
Well-known
Jun 5, 2014
267
Obsession said:
IMHO it's not bad that only on-execution scanning is done. What is malware supposed to do if it's lying around on the disk and never executed? I also always set Eset to on-execution. The speed is fantastic and so far I've never caught anything from it. What is the point of a scan that scans the same file again every time the machine accesses it? I know there are different opinions on this, but the danger is not as great as it is portrayed here, it only consists in the fact that you can copy the file. Files that you receive from strangers (or friends), for example on a USB stick, should be scanned beforehand anyway and not blindly executed. That is where the danger is greater, but in this case the problem is IN FRONT of the screen.

just my 2 cents.
Click to expand...
most antimalware scans local files once and then only scans new files so the impact will be minimal. only geeks scan the USB files, normal people just open the files or copy them and pass them to others, the point is with this on execution scan the chain of attack/infection will go on. As you see with Kaspersky or ESET it is possible to implement a balanced yet powerful policy of scanning and prevention which is still light on resources. with kinds like eset or Kaspersky, you don't need to worry about the performance of on access scan they made a balance by using local detections and cloud detections(hybrid detection which is the best policy and malware detection tactic)

this on execution scan is not logical, malware should be taken care of ASAP, lying around on disk or network or USB devices is not rational. they wanted to make McAfee light but they messed up in this on execution thing
 
  • Like
Reactions: oldschool, mlnevese, roger_m and 1 other person
O

Obsession

New Member
Oct 11, 2024
2
It's not that simple. When you say "only scan new files", consider the following scenario: you download a file, the AV doesn't find anything. You just leave the file in the downloads folder. Then the AV updates its signature, which COULD find a virus in this file, but since it's not newer, it won't be scanned anymore. Even more stupidly, whitelisted files are usually not scanned when they're executed - the file is clean, it's already been scanned.

The hybrid detection you mentioned has nothing to do with on-access or on-execution. One is HOW malware is detected, the other is WHEN malware is detected.

And in that case, it's usually sufficient if the malware is detected BEFORE it's executed.

These are different strategies, each with its own specific advantages and disadvantages. This is simply not a black and white issue, a lot of people have already racked their brains over it.

For example, I don't want an AV that constantly scans the same files and wastes my power and time.

Kaspersky is a completely different issue (in relation to UltraAV), but even there and in ESET there is the option to set it to on-execution (which I have always done, I used to be with Kaspersky for years, then with ESET until six months ago and now with F-Secure and, as a result of a campaign, also with McAfee - but different PCs). With F-Secure (which many people consider to be very easy) I do notice the on-access check. But that's another story.
 
  • Like
Reactions: simmerskool, mlnevese and superleeds27
B

BSONE

Level 2
Feb 17, 2024
71
Trying Mcafee Antivirus now. Nice and simple UI that gets out of your way similar to Windows Security and F-Secure. The Mcafee Webadvisor Chrome extension is responsive and gives green ticks to Website search results. Has very little CPU usage on fast.com and speedtest.net download tests (1000mps/50mps internet). Quite fond of it at the moment.
 
  • Like
Reactions: simmerskool, oldschool, mlnevese and 2 others
mlnevese

mlnevese

Level 28
Verified
Top Poster
Well-known
May 3, 2015
1,739
Just to add my $0.02 any downloaded file will be scanned on download for malware before being saved. Then only on execution or if a manual scan is triggered.
 
Last edited:
  • Like
  • Hundred Points
Reactions: simmerskool and oldschool
RoboMan

RoboMan

Level 35
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,483
Obsession said:
IMHO it's not bad that only on-execution scanning is done. What is malware supposed to do if it's lying around on the disk and never executed? I also always set Eset to on-execution. The speed is fantastic and so far I've never caught anything from it. What is the point of a scan that scans the same file again every time the machine accesses it? I know there are different opinions on this, but the danger is not as great as it is portrayed here, it only consists in the fact that you can copy the file. Files that you receive from strangers (or friends), for example on a USB stick, should be scanned beforehand anyway and not blindly executed. That is where the danger is greater, but in this case the problem is IN FRONT of the screen.

just my 2 cents.
Click to expand...
Take into account that a malicious file may be actually executed without user interaction. There has been cases where a vulnerability on unzipping software lead to malware exe executing upon user extracting the compressed file. Usually, the triple combo is the safest approach: scan on access, on modification, and on execution.
 
  • Like
  • +Reputation
Reactions: Abhishek Singha, simmerskool, Behold Eck and 2 others

Similar threads

Trident
    • Like
    • +Reputation
New Update The new cloud-based McAfee
Replies
46
Views
6,241
McAfee
jtshadow92
jtshadow92
I
    • Like
New Update New: McAfee AI-powered Scam Protection now available in McAfee Mobile Security - Android and iOS
Replies
0
Views
840
McAfee
Ink
I
Exceedinglife
Serious Discussion Azure Tenant Scanning
Replies
1
Views
221
General Security Discussions
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top